-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[gha] comment ops + recreate_vm (#16421)
- Loading branch information
1 parent
cac068f
commit c2633ce
Showing
5 changed files
with
144 additions
and
29 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,15 @@ | ||
| name: Build | ||
| on: | ||
| pull_request: | ||
| types: [ opened, synchronize, edited ] | ||
| types: [ opened, edited ] | ||
| push: | ||
| branches: [ main ] | ||
| workflow_dispatch: | ||
| inputs: | ||
| recreate_vm: | ||
| required: true | ||
| type: string | ||
| description: "Whether to recreate the VM" | ||
| default: "false" | ||
|
|
||
| jobs: | ||
| configuration: | ||
|
|
@@ -16,42 +21,48 @@ jobs: | |
| outputs: | ||
| is_main_branch: ${{ (github.head_ref || github.ref) == 'refs/heads/main' }} | ||
| version: ${{ steps.branches.outputs.sanitized-branch-name }}-gha.${{github.run_number}} | ||
| with_github_actions: ${{ contains(github.event.pull_request.body, '[x] /werft with-github-actions') }} | ||
| preview_enable: ${{ contains(github.event.pull_request.body, '[x] /werft with-preview') }} | ||
| preview_infra_provider: ${{ contains(github.event.pull_request.body, '[X] /werft with-gce-vm') && 'gce' || 'harvester' }} | ||
| build_no_cache: ${{ contains(github.event.pull_request.body, '[x] leeway-no-cache') }} | ||
| build_no_test: ${{ contains(github.event.pull_request.body, '[x] /werft no-test') }} | ||
| with_github_actions: ${{ contains( steps.pr-details.outputs.pr_body, '[x] /werft with-github-actions') }} | ||
| preview_enable: ${{ contains( steps.pr-details.outputs.pr_body, '[x] /werft with-preview') }} | ||
| preview_infra_provider: ${{ contains( steps.pr-details.outputs.pr_body, '[X] /werft with-gce-vm') && 'gce' || 'harvester' }} | ||
| build_no_cache: ${{ contains( steps.pr-details.outputs.pr_body, '[x] leeway-no-cache') }} | ||
| build_no_test: ${{ contains( steps.pr-details.outputs.pr_body, '[x] /werft no-test') }} | ||
| build_leeway_target: ${{ steps.output.outputs.build_leeway_target }} | ||
| with_large_vm: ${{ contains(github.event.pull_request.body, '[X] /werft with-large-vm') }} | ||
| publish_to_npm: ${{ contains(github.event.pull_request.body, '[X] /werft publish-to-npm') }} | ||
| publish_to_jbmp: ${{ contains(github.event.pull_request.body, '[X] /werft publish-to-jb-marketplace') }} | ||
| with_ws_manager_mk2: ${{ contains(github.event.pull_request.body, '[X] with-ws-manager-mk2') }} | ||
| with_dedicated_emulation: ${{ contains(github.event.pull_request.body, '[X] with-dedicated-emulation') }} | ||
| with_ee_license: ${{ contains(github.event.pull_request.body, '[X] with-ee-license') }} | ||
| with_slow_database: ${{ contains(github.event.pull_request.body, '[X] with-slow-database') }} | ||
| analytics: ${{ contains(github.event.pull_request.body, '[X] analytics') }} | ||
| with_large_vm: ${{ contains( steps.pr-details.outputs.pr_body, '[X] /werft with-large-vm') }} | ||
| publish_to_npm: ${{ contains( steps.pr-details.outputs.pr_body, '[X] /werft publish-to-npm') }} | ||
| publish_to_jbmp: ${{ contains( steps.pr-details.outputs.pr_body, '[X] /werft publish-to-jb-marketplace') }} | ||
| with_ws_manager_mk2: ${{ contains( steps.pr-details.outputs.pr_body, '[X] with-ws-manager-mk2') }} | ||
| with_dedicated_emulation: ${{ contains( steps.pr-details.outputs.pr_body, '[X] with-dedicated-emulation') }} | ||
| with_ee_license: ${{ contains( steps.pr-details.outputs.pr_body, '[X] with-ee-license') }} | ||
| with_slow_database: ${{ contains( steps.pr-details.outputs.pr_body, '[X] with-slow-database') }} | ||
| analytics: ${{ contains( steps.pr-details.outputs.pr_body, '[X] analytics') }} | ||
| workspace_feature_flags: ${{ steps.output.outputs.workspace_feature_flags }} | ||
| pr_no_diff_skip: ${{ steps.pr-diff.outputs.pr_no_diff_skip }} | ||
| steps: | ||
| - name: "Determine Branch" | ||
| id: branches | ||
| uses: transferwise/sanitize-branch-name@v1 | ||
| # Since we trigger this worklow on other event types, besides pull_request | ||
| # We use this action to help us get the pr body, as it's not included in push/workflow_dispatch events | ||
| - uses: 8BitJonny/[email protected] | ||
| id: pr-details | ||
| with: | ||
| sha: ${{ github.event.pull_request.head.sha }} | ||
| # If the PR got edited, but no checkbox changes occurred, we don't want to run the whole build | ||
| # Therefore we set a flag and use it to skip the next jobs | ||
| - name: "Check PR diff" | ||
| id: pr-diff | ||
| if: (github.event_name == 'pull_request' && github.event.action == 'edited') | ||
| env: | ||
| PR_DESC: '${{ github.event.pull_request.body }}' | ||
| PR_DESC: '${{ steps.pr-details.outputs.pr_body }}' | ||
| OLD_BODY: '${{ github.event.changes.body.from }}' | ||
| if: (github.event_name == 'pull_request' && github.event.action == 'edited') | ||
| run: | | ||
| if ! diff <(echo "$OLD_BODY") <(echo "$PR_DESC") | grep -e '\[x\]' -e '\[X\]'; then | ||
| echo "pr_no_diff_skip=true" >> $GITHUB_OUTPUT | ||
| fi | ||
| - name: "Set outputs" | ||
| id: output | ||
| env: | ||
| PR_DESC: '${{ github.event.pull_request.body }}' | ||
| PR_DESC: '${{ steps.pr-details.outputs.pr_body }}' | ||
| shell: bash | ||
| run: | | ||
| { | ||
|
|
@@ -116,6 +127,7 @@ jobs: | |
| infrastructure_provider: ${{ needs.configuration.outputs.preview_infra_provider }} | ||
| previewctl_hash: ${{ needs.build-previewctl.outputs.previewctl_hash }} | ||
| large_vm: ${{ needs.configuration.outputs.with_large_vm }} | ||
| recreate_vm: ${{ inputs.recreate_vm }} | ||
|
|
||
| build-gitpod: | ||
| name: Build Gitpod | ||
|
|
||
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| name: comment-ops | ||
|
|
||
| on: | ||
| issue_comment: | ||
| types: [ created ] | ||
|
|
||
| # This action *ALWAYS* runs on main. | ||
| # Any changes done to it, will not have an effect, until said changes have landed on the main branch | ||
| # This has a side effect that always `head_ref == main` and `head_sha == main_head_sha` | ||
| # Therefore we can't find out easily which PR the comment that triggered the action belongs to | ||
|
|
||
| jobs: | ||
| configure: | ||
| # We *MUST* always check the author_association, which tells us if the person is an owner of the repo, or member of the org (i.e. has permissions) | ||
| # Otherwise they can execute arbitrary code if the triggered workflow (i.e. the build) is modified, as it's being run by the github-actions bot, and it always has permissions | ||
| if: | | ||
| (github.event.issue.author_association == 'OWNER' || github.event.issue.author_association == 'MEMBER') && | ||
| (github.event.issue.pull_request && contains(github.event.comment.body, '/gh run')) | ||
| runs-on: [ self-hosted ] | ||
| # Technically we don't need these here, as we don't reuse them between jobs, but it's good to have them in a single place | ||
| outputs: | ||
| branch: ${{ steps.comment-branch.outputs.head_ref }} | ||
| run_url: ${{ steps.run_outputs.outputs.run_url }} | ||
| run_id: ${{ steps.run_outputs.outputs.run_id }} | ||
| recreate_vm: ${{ steps.configure.outputs.recreate-vm }} | ||
| steps: | ||
| # In order for us to find out from which PR the comment originates, we use the `xt0rted/pull-request-comment-branch@v1` action | ||
| - uses: xt0rted/pull-request-comment-branch@v1 | ||
| id: comment-branch | ||
| # Set outputs we can reuse in the steps | ||
| - name: Set outputs | ||
| id: outputs | ||
| run: | | ||
| { | ||
| echo "recreate-vm=${{ contains(github.event.comment.body, 'recreate-vm') }}" | ||
| } >> $GITHUB_OUTPUT | ||
| # Trigger the build workflow with the input we got from the comment | ||
| # In the triggered job (build), we'll combine the information from the PR description, with the input we pass here | ||
| # Also we use workflow_dispatch, instead of a workflow_call ( uses: ./build.yaml with: ...) | ||
| # Because with the latter it's not possible to trigger a dynamic one (i.e. based on a branch) - the name has to be hardcoded | ||
| - name: Trigger Workflow | ||
| uses: actions/github-script@v6 | ||
| with: | ||
| script: | | ||
| await github.rest.actions.createWorkflowDispatch({ | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| workflow_id: 'build.yaml', | ||
| ref: '${{ steps.comment-branch.outputs.head_ref }}', | ||
| inputs: { | ||
| "recreate_vm": '${{ steps.configure.outputs.recreate-vm }}' | ||
| } | ||
| }) | ||
| # Getting the ID of the workflow we triggered above is a bit tricky, as it's async :( | ||
| # There is a trick we can do - add an input with a unique id, get the list of worklow runs, and check for that input in them until we can find it | ||
| # But it's an overkill for now | ||
| # Instead, we wait a little, and grab the last job that was triggered by a `workflow_dispatch` event, AND is not completed, and we hope for the best 🤞 | ||
| - name: Get run URL | ||
| id: run_outputs | ||
| env: | ||
| GH_TOKEN: ${{ github.token }} | ||
| run: | | ||
| sleep 5 | ||
| url=$(gh run list --repo '${{ github.repository }}' --workflow build.yaml -b ${{ steps.comment-branch.outputs.head_ref }} --json event,url,status -q '[.[] | select(.event=="workflow_dispatch") | select(.status!="completed").url][0]') | ||
| { | ||
| echo "run_url=${url}" | ||
| echo "run_id=${url##*/}" | ||
| } >> $GITHUB_OUTPUT | ||
| # Comment with a link to the job that got triggered | ||
| - uses: actions/github-script@v6 | ||
| with: | ||
| github-token: ${{ github.token }} | ||
| script: | | ||
| github.rest.issues.createComment({ | ||
| issue_number: ${{ github.event.issue.number }}, | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| body: `#### Comment triggered a workflow run | ||
| Started workflow run: [${{ needs.configure.outputs.run_id }}](${{ needs.configure.outputs.run_url }}) | ||
| * \`recreate_vm: ${{ steps.configure.outputs.recreate-vm }}\`` | ||
| }) | ||
| # Comment if this job failed, so there's some feedback | ||
| comment-fail: | ||
| if: failure() | ||
| runs-on: [ self-hosted ] | ||
| steps: | ||
| - uses: actions/github-script@v6 | ||
| with: | ||
| github-token: ${{ github.token }} | ||
| script: | | ||
| let commentBody = '${{ github.event.comment.body }}' | ||
| commentBody += "\n\n Chat ops job failed. See [${{ github.run_id }}](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details" | ||
| github.rest.issues.updateComment({ | ||
| issue_number: ${{ github.event.issue.number }}, | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| comment_id: ${{ github.event.comment.id }}, | ||
| body: commentBody | ||
| }) |